The Last Paper on the Halpern-Shoham Interval Temporal Logic 



Draft (October 22, 2010) 



Jerzy Marcinkowski, Jakub Michaliszyn 
Institute of Computer Science, 
University Of Wroclaw, 
ul. Joliot-Curie 15, 50-383 Wroclaw, Poland 



{ jma, jmi } @cs .uni . wroc .pi 



Abstract 

The Halpern-Shoham logic is a modal logic of time in- 
tervals. Some effort has been put in last ten years to clas- 
sify fragments of this beautiful logic with respect to decid- 
ability of its satisfiability problem. We contribute to this 
effort by showing - what we believe is quite an unexpected 
result - that the logic of subintervals, tlie fragment of the 
Halpern-Shoham where only the operator "during ", or D, 
is allowed, is undecidable over discrete structures. This is 
surprising as this logic is decidable over dense orders M4V 
and its reflexive variant is known to be decidable over dis- 
crete structures H13V . Our result subsumes a lot of previ- 
ous results for the discrete case, like the undecidability for 
ABE tJUj, BE /[77J, BD fJ2S, ADB, AAD, and so on 



1 Introduction 

In classical temporal logic structures are defined by as- 
signing properties (propositional variables) to points of time 
(which is an ordering, discrete or dense). However, not all 
phenomena can be well described by such logics. Some- 
times we need to talk about actions (processes) that take 
some time and we would like to be able to say that one such 
action takes place, for example, during or after another. 

The Halpern-Shoham logic 1 10 1, which is the subject of 
this paper, is one of the modal logics of time intervals. Judg- 
ing by the number of papers published, and by the amount 
of work devoted to the research on it, this logic is probably 
the most influential of time interval logics. But historically 
it was not the first one. Actually, the earliest papers about 
intervals in context of modal logic were written by philoso- 
phers, e.g., (9). In computer science, the earliest attempts 



to formalize time intervals were process logic 1(171 [191 and 
interval temporal logic [15]. Relations between intervals 
in linear orders from an algebraic point of view were first 
studied systematically by Allen (TJ. 

The Halpern-Shoham logic is a modal temporal logic, 
where the elements of a model are no longer — like in clas- 
sical temporal logics — points in time, but rather pairs of 
points in time. Any such pair — call it [p, q], where q is not 
earlier than p — can be viewed as a (closed) time interval, 
that is, the set of all time points between p and q. HS logic 
does not assume anything about order — it can be discrete 
or continuous, linear or branching, complete or not. 

Halpern and Shoham introduce six modal operators, act- 
ing on intervals. Their operators are "begins" B, "during" 
D, "ends" E, "meets" A, "later" L, "overlaps" O and the 
six inverses of those operators: B, D, E, A, L, O. It is easy 
to see that the set of operators is redundant. The ,,more ex- 
pressive" of them, which are A, B and E can define D (B 
and E suffice for that - a prefix of my suffix is my infix) 
and L (here A is enough -"later" means "meets an interval 
that meets"). The operator O can be expressed using E and 
B. 

In their paper, Halpern and Shoham show that (satisfia- 
bility of formulae of) their logic is undecidable. Their proof 
requires logic with five operators (B,E and A are explic- 
itly used in the formulae and, as we mentioned above, once 
B, E and A are allowed, D and L come for free) so they 
state a question about decidable fragments of their logic. 

Considerable effort has been put since this time to settle 
this question. First, it was shown ifTTTl that the BE fragment 
is undecidable. Recently, negative results were also given 
for the classes BE, BE, BE, AAD, AD*B, AD* B J2]|6|, 
and BD |[T2l . Another elegant negative result was that OO 
is undecidable over discrete orders |3JIU- 

On the positive side, it was shown that some small frag- 
ments, like BB or EE, are decidable and easy to translate 
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into standard, point-based modal logic [8]. The fragment 
using only A and A is a bit harder and its decidability was 
only recently shown |6l|7). Obviously, this last result im- 
plies decidability of LL as L is expressible by A. Another 
fragment known to be decidable is ABB 1 16]. 

The last interesting fragment of the Halpern and Shoham 
logic of unknown status was the, apparently very simple, 
fragment with the single operator D (,, during"), which we 
call here the logic of sub-intervals. Since D does not seem 
to have much expressive power (an example of a formula 
would be „each morning I spend a while thinking of you" 
or „each nice period of my life contains an unpleasant frag- 
ment") logic of sub-intervals was widely believed to be de- 
cidable. A number of decidability results concerning vari- 
ants of this logic has been published. For example, it was 
shown in (HE)) than satisfiability of formulae of logic of 
subintervals is decidable over dense structures. In |[T3l . de- 
cidability is proved for (slightly less expressive) „reflexive 
D". The results in lETl imply that D (as well as some richer 
fragments of the HS logic) is decidable if we allow models, 
in which not all the intervals defined by the ordering are 
elements of the Rripke structure. 

In this paper we show that satisfiability of formulae from 
the D fragment is undecidable over the class of finite order- 
ings as well as over the class of all discrete orderings. Our 
result subsumes the negative results for the discrete case for 
ABE flU, BE 03), BD 02 and ADB, AAD EUS). 

1.1 Main theorems 

Our contribution consists of the proofs of the following 
two theorems: 

Theorem 1. The satisfiability problem for the formulae of 
the logic of subintervals, over models which are suborders 
of the order (Z, <), is undecidable. 

Since truth value of a formula is defined with respect to a 
model and an initial interval in this model (see Preliminar- 
ies), and since the only allowed operator is D, which means 
that the truth value of a formula in a given interval depends 
only on the labeling of this interval and its subintervals The- 
orem[T]can be restated as: The satisfiability problem for the 
formulae of the logic of subintervals, over finite models is 
undecidable, and it is this version that will be proved in 
Section|3]. 

Theorem 2. The satisfiability problem for the formulae of 
the logic of sub-intervals, over all discrete models, is unde- 
cidable. 

2 Preliminaries 

Orderings. As in [10], we say that a total order (D, <) 
is discrete if each element is either minimal (maximal) or 



has a unique predecessor (successor); in other words for all 
a, b 6 D if a < b, then there exist points a' , b' such that 
a < a', b' < b and there exists no c with a < c < a 1 or 
b' < c < b. 

Semantic of the D fragment of logic HS (logic of sub- 
intervals). Let (D, <) be a discrete ordered setlH 

An interval over D is a pair [a, b] with a, b £ D and 
a < b. A labeling is a function 7 : 1(D) — > V(Var), where 
1(D) is a set of all intervals over D and Var is a finite set of 
variables. A structure of the form M = (1(D), 7) is called a 
model. 

We say that an interval [a, b] is a leaf iff it has no sub- 
intervals (i.e. a = b). 

The truth values of formulae are determined by the fol- 
lowing (natural) semantic rules: 

1. For all v € Var we have M, [a, b] \= vifiv 6 j([a, b)). 

2. M, [a, b] (= -«p iff M, [a, b] ty= ip. 

3. M, [a, b] \= (px A cp 2 iff M, [a, b] (= ipi and M, [a, b] \= 

4. M, [a, 6] |= (D)(p iff there exists an interval [a',b'} 
such that M,[a',b'] \= tp, a < a', b' < b, and 
[a,b] ^ [a 1 , b']. In that case we say that [a, b] sees 

w, y\. 

Boolean connectives V, are introduced in the stan- 

dard way. We abbreviate ->(£)) by [D]ip and ip A [D](p 
by [G\<p. 

A formula ip is said to be satisfiable in a class of or- 
derings T> if there exist a structure D 6 T>, a labeling 7, 
and an interval [a,b], called the initial interval, such that 
(1(D), 7), [a, b] \= (p., A formula is satisfiable in a given 
ordering D if it is satisfiable in {D}. 

3. Proof of Theorem [1] 

In Section|3]only consider finite orderings. 
Our representation. We imagine the Rripke structure of 
intervals of a finite ordering as a directed acyclic graph, 
where intervals are vertices and each interval [a, b] with 
the length greater that has two successors: [a + l,b] and 
[a, b— 1). Each level of this representation contains intervals 
of the same length (see Fig. [TJ. 

3.1 The Regular Language La 

In this section we will, for a given two-counter finite au- 
tomaton (Minsky machine) A, define a regular language La 

'To keep the notation light, we will identify the order (D, <) with its 
setD 
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Figure 1. Our representation of order ({a, a + 

1,. ..,&},<). 



whose words will almosj^jencode the computation of A (be- 
ginning from the empty counters). 

Let Q be the set of states of A, and let Q' = {q' : q e 
Q}. Define B = {/, f h f r , /', //, f' r , s, s t ,s r , s', s' t , s' r }. 

The alphabet E of La will consist of all the elements of 
Q U Q' (jointly called states) and of all the subsets (pos- 
sibly empty) of B which consist of at most 4 elements: 
at most one of them from {f,fi,f r }, at most one from 
{/', //, at most one from {s, sj, s r }, and at most one 
from jV, sj, sj.}. 

Symbols of E containing // or // (s/ or sj) will be called 
first (resp. second) counters. Symbols of E containing /. r 
or (s r or s^.) will be called first (resp. second) shadows 
(or shadows of the first/the second counter). 

The language will consist of all the words w over E 
which satisfy all the following six conditions: 

• The first symbol of w is the beginning state qo of A 
and the last symbol of w is either q or q', where q is 
one of the final states of A. 

By a configuration we will mean a maximal sub-wore^] 
of w, whose first element is a state (called the state of this 
configuration) and which contains exactly one state (so that 
w is split into disjoint configurations). A configuration will 
be called even if its state is from Q and odd if it is from Q'. 

• Odd and even configurations alternate in w. 

• Each configuration, except of the last one (which only 
consists of the state) contains exactly one first counter 
and exactly one second counter. If a configuration is 
even, then its first counter contains /; and its second 

2 See Lemma 1 for an explanation what we mean by "almost". 
3 By a sub-wora we mean a sequence of consecutive elements of a word, 
an infix. 



counter contains s;. If a configurations is odd, then its 
first counter contains and its second counter con- 
tains s\. The first non-state symbol of the first config- 
uration is both a first counter and a second counter. 

• The are no shadows in the first and the last configu- 
ration. Each configuration, except of the first and the 
last, contains exactly one first shadow and exactly one 
second shadow. If a configuration is even, then its first 
shadow contains f' r and its second shadow contains s' r . 
If a configurations is odd, then its first shadow contains 
f r and its second shadow contains s r . 

It follows, from the conditions above, that if (in a word 
from the language La) there is a counter containing /; 
(/ ; ',Si,S;) then there is its shadow f r (resp. f'.,s r ,s' r ) in 
the subsequent configuration. Call a sub-word beginning 
with first (second) counter and ending with its shadow a 
first (resp. second) shade. Notice, that the above conditions 
imply in particular that each state (except of the first one 
and last one) is in exactly one first shade and in exactly one 
second shade. 

• A non-state symbol of w contains / (f',s,s') if and 
only if it is inside some shade beginning with /; (resp. 

The last condition defining La will depend on the in- 
structions of the automaton A. We say that a configuration 
has first {second) counter equal zero if the first non-state 
symbol of this configuration contains /; or // (resp. si or 
s\). It is good to think, that the number of symbols before 
the first/second counter is the value of this counter in the 
given configuration. Notice that the first configuration of a 
w € La is indeed the initial configuration of A - its state is 
<7o and both its counters equal 0. 

Since the format of an instruction of A is: 

If in state q 

the first counter 

equals/does not equal and 

the second counter 

equals/does not equal 

then change the state to q\ and 

decrease/increase/keep unchanged 

the first counter and 

decrease/increase/keep unchanged 

the second counter. 

it is clear what we mean, saying that configuration C 
matches the assumption of the instruction I. 

• If C and C\ are subsequent configurations in w, and C 
matches the assumption of an instruction /, then: 
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- If I changes the state into q\ then the state of C\ 
is qi. 

- \fl orders the first (second) counter to remain un- 
changed, then the first (resp. second) counter in 
C\ coincides with the first (resp. second) shadow 
inCi. 

- If / orders the first (second) counter to be de- 
creased, then the first (resp. second) counter in 
C\ is the direct predecessor of the first (resp. sec- 
ond) shadow in C\. 

- If I orders the first (second) counter to be in- 
creased, then the first (resp. second) counter in 
C\ is the direct successor of the first (resp. sec- 
ond) shadow in C\. 

This completes the definition of the language La- It is 
clear, that it is regular. Our main tool will be the following: 

Lemma 1. The following two conditions are equivalent: 

( i) Automaton A, started from the initial state q and 
empty counters, accepts. 

( ii) There exists a word w G La an d a natural number n 
such that: 

• each configuration in w ( except of the last one, 
consisting of a single symbol) has length n — 1 

• each shade in w has length n ( this includes the 
two symbols in the two ends of a shade). 

Proof. For the => direction consider an accepting compu- 
tation of A and take n as any number greater than all the 
numbers that appear on the two counters of A during this 
computation. For the 4= direction notice that the distance 
constraint from (ii) imply, that the distance between a state 
and the subsequent first (second) shadow equals the value 
of the first (resp. second) counter in the previous config- 
uration. Together with the last of the six conditions defin- 
ing La this implies that the subsequent configurations in 
w € La can indeed be seen as subsequent configurations in 
the valid computation of A. 

□ 

Since the halting problem for two-counter automata is 
undecidable, the proof of Theorem [T] will be completed 
when we write, for a given automaton A, a formula ^> of 
the language of the logic of sub-intervals which is satisfi- 
able (in a finite model) if and only if condition (ii) from 
Lemma [T] holds. Actually, what the formula ^ is going to 
say is, more or less, that the word written (with the use of 
the labeling function 7) in the leaves of the model is a word 
w as described in Lemma[T](ii). 

In the following subsections we are going to write for- 
mulae $ ori cnt, $L A , $cloud and ^length, SUCh that $ ori ent A 

&l a A $ c ioud A $iength will be the formula ^ we want. 



3.2 Orientation 

As we said, we want to write a formula saying that the 
word written in the leaves of the model is the w described 
in Lemma [T](ii). 

The first problem we need to overcome is the symmetry 
of D - the operator does not see a difference between past 
and future, or between left and right, so how can we distin- 
guish between the beginning of w and its end? We deal with 
this problem by introducing five variables L, R, sq, si, s 2 
and writing a formula <l> or iciit which will be satisfied by an 
interval [a, b] if [a, a] is the only interval that satisfies L and 
[b, b] is the only interval that satisfies R, or [6, b] is the only 
interval that satisfies L and [a, a] is the only interval that 
satisfies R, and if all the following conditions hold: 

• any interval that satisfies L satisfies also sq\ 

• each leaf is labeled either with sq or with si or with 

S2; 

• each interval labeled with sq or with s% or with s 2 is a 
leaf; 

• if c, d, e are three consecutive leaves of [a, b] and if 
Si holds in c, Sj holds in d and Sk holds in e then 
{i,j,k} = {0,1,2}. 

If [a, b] |= $ ricnt then the leaf of [a, b] where L holds 
(resp. where R holds) will be called the left (resp. the right) 
end of [a,b]. 

Let exactly .one.of(X) = \J xeX (x A A X 'ex\{ x } ^ x ') 
be a formula saying (which is not hard to guess) that exactly 
one variable from the set X is true in the current interval, 
^orient is a conjunction of the following formulae. 

(i) [.D](([-D]_L exactly -one-of{{sQ, s±, S2}) A (s V 
Sl V s 2 [D}±))) 

(ii) [D]((D)(D)T => (D)s A (D) Sl A (D)s 2 ) 

(iii) [£>](£=► * ) 

(iv) (D)R A (D)L 

(v) [£>](£=► -JZ) 

(vi) [D)([D][D}±A(D)L^^(D)s 2 ) 

( vii > y iei0 ,i,2}P]{[D][D]±A{D)R^^{D)8 i ) 

Formulae Q, du|, and ( fin} express the property defined 
by the conjunction of the four items above (notice, that 
[D]A. means that the current interval is a leaf). 

Formula (jjvji says that there exists an interval labeled 
with R and an interval labeled with L. 
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Formula (jvj states that intervals labeled with L are also 
labeled with sq, and intervals labeled with R are labeled 
with S2, so they are leaves. 

Formula (jvi]) guarantees that no interval containing ex- 
actly 2 leaves, which is a super-interval of an interval la- 
beled with L, can contain a sub-interval labeled with S2- It 
implies that an interval labeled with L can only have one 
super-interval containing exactly 2 leaves — if there were 
two, then their common super-interval containing 3 leaves 
would not have a sub-interval labeled with s 2 , what would 
contradict |n]). 

Finally, formula ( vii I, finally, works like (jvi| but for R. 
We have to use disjunction in this case since we do not know 
which Si is satisfied in the interval labeled with R. 

In the rest of paper we restrict our attention to models 
satisfying formula ^orient, and treat the leaf labeled with L 
as the leftmost element of the model. 

3.3 Encoding a Finite Automaton 

In this section we show how to make sure that consecu- 
tive leaves of the model, read from L to R, are labeled with 
variables that represent a word of a given regular language. 

Lemma 2. Let A = (£, Q, q°,F, 5), where q° G Q, T C 
Q, S C QxSxQfc a finite-state automaton ( deterministic 
or not, it does not matter). 

There exists a formula ipj^ of the D fragment of Halpern- 
Shoham logic over alphabet QUE that is satisfiable ( with 
respect to the valuation of the variables from Q) if and only 
if the word, over the alphabet £ written in the leaves of the 
model, read from L to R, belongs to the language accepted 
by A. 

Proof. It is enough to write a conjunction of the following 
properties. 

1 . In every leaf, exactly one letter from £ is satisfied (so 
there is indeed a word written in the leaves). 

2. Each leaf is labeled with exactly one variable from Q. 

3. For each interval with the length 1, if this interval 
contains an interval labeled with Sj, with a € £ 
and with q E Q and another interval labeled with 

s (i+l) mod 3' and with l' € 2' then a > l') e S - 

4. Interval labeled with R is labeled with such q € Q and 
a G £ that (q, a, q') G 8 for some q' G T . 

5. Interval labeled with L is labeled with q°. 

Clearly, a model satisfies properties [T]|5] if and only if its 
leaves are labeled with an accepting run of A on the word 
over £ written in its leaves. The formulae of the D fragment 
of Halpern-Shoham logic expressing properties TJ5 ; 
hard to write: 



1. [G](([L>]_L exactly _one.of{Y,))h{\jY, => [£>]!_)) 

2. [G](([L>]_L => exactly _one„o/(Q)) A (V Q 
[D]±)) 

3. [G]([D}[D}± A (D)si A (D)s i+1 mod 3 => 

mod 

for each i £ {0, 1,2} 

4. [G](i?^V W>e ^^(9Aa)) 

5. [G](L^g°) 

Now, let A be a finite automaton recognizing language 



from Section 3.1 and put = ipj^ 



3.4 A Cloud how to build it 

We still need to make sure, that there exists n such that 
each configuration (except of the last one) has length n — 1 
and that each shade has the length exactly n. Let us start 
with: 

Definition 1. Let M = (1(D), 7) be a model and p a vari- 
able. We call p a cloud there exists k £ N such that 
p G "f([a, b]) if and only if the length of [a, b] is exactly k. 

So one can view a cloud as a set of all intervals of some 
fixed length. Notice, that if the current interval has length k 
then exactly k + 1 leaves are reachable from this segment 
with the operator D. 

We want to write a formula of the language D fragment 
of Halpern-Shoham logic saying that p is a cloud. In order 
to do that we use an additional variable e. The idea is that 
an interval [a, a + n] satisfies e iff [a + 1, a + n + 1] does 
not. 




are not 



Figure 2. An example of a cloud. 

Let <I> c ioud be a conjunction of the following formulae. 

1. (D)p — there exists at least one point that satisfies p. 

2. [D](p [Z)]-i£>) — intervals labeled with p cannot 
contain intervals labeled with p. 

3. [G](((D)p) (<D)(pAe))A(<D)(pA^e))) — each 
interval that contains an interval labeled with p actually 
contains at least two such intervals — one labeled with 
e and one with ->e. 
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Lemma 3. IfM, [om, &m] |— ^cioud- where «m anof bu are 
endpoints of M, f/zen p is a cloud. 

Proof. We will prove that if an interval [x, y) is labeled with 
p, then also [a: + 1, y + 1] is labeled with p. A symmetric 
proof shows that the same holds for [x — l,y — 1], so all 
the intervals of length equal to m, where m is the length of 
[x,y], are labeled with p. 

This will imply that no other intervals can be labeled 
with p and p is indeed a cloud. This is because each such 
interval either has a length greater than m, and thus con- 
tains an interval of length to, and as such labeled with p, or 
has a length smaller than m, and is contained in an interval 
labeled by p, in both cases contradicting (ii). 

Consider an interval [x, y] labeled with p. Interval 
[x, y + 1] contains an interval labeled with p, so it has to 
contain two different intervals labeled with p - one labeled 
with e and the other one with ->e. Suppose without loss of 
generality that [x, y] is the one labeled with e, and let us 
call the second one [u,i\. If t < y + 1, then [u, t] is a sub- 
interval of [x, y] and is labeled with p, a contradiction. So 
t = y + l. 

Let us assume that u > x + 1. The interval [u — 1, y + 1] 
must contain two different intervals labeled with p. One 
of them is [x, y + 1], and it cannot contain another interval 
labeled with p, so the other one must be a sub-interval of 
[u — 1,2/]. But then it is a sub-interval of [x,y] (because 
u — 1 > x + 1 — 1 — x) which also is labeled with p — a 
contradiction. So u = x + 1. □ 

3.5 A Cloud — how to use it. 

Let us now concentrate on models which satisfy $ orient A 
&l a A $ c ioud- Since ^cioud is satisfied then p is a cloud. 
Let ri — 1 denote number of leaves contained in the intervals 
that form the cloud. Our goal is to write a formula <&i en gth 
that would guarantee the following properties: 

1 . Configurations and shades are not too short. If you see 
two states (i.e. more than an entire configuration) or an 
entire shade, then you must see a lot, at least n leaves. 
So you must be high enough. Higher than the cloud. 

2. Configurations and shades are not too long. If you only 
see an interior of a configuration (i.e. you do not see 
states) or an interior of some shade, then you do not 
see much, at most n — 2 leaves. So you must be under 
the cloud. 

Once we do that, the formula * = $ ricnt A $l a A 
$cioud A ^length will be satisfiable if and only if there exists 
a word satisfying the conditions from Lemma [T] (ii) - it is 
straightforward how to translate such a word into a model 
of ^ and vice versa. 



So put $ lcngth = $^ gth A $^ gth A $^ gth A $?4 th 
where: 

= [G](K^Q'((Dk A (DW) => (D)p) 

length = [G\(A q e Q [Dhq => -np A [D]^p) 
Formulae for shades are a little bit more com- 
plex. Let Fi (F/, Si, Si, F, F', S, S", F r , F' r , S r , S' r 
resp.) be a set of symbols that contain /j 

(fl,si,s , i,f,f,s,s f ,f r ,f^,s r ,s' r resp.), and T = 
{ (F t ,F,F r ), (F{, F>,F> r ), {St ,S,S r ), {S[ ,S',S' r )}. 

*l 1 en g th = [G , ](A(T ! ,T,T r)e r((^> A {D) \J T r ) (D)p) 

*?ength=[G]( /\ ((D) \J T A -.(D) \J(T t U T r )) 

(Ti,T,T r )eT 

=i>^A [D]-ip) 

4. Proof of Theorem |2] 



Unfinished 
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